免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
最近访问板块 发新帖
楼主: py

[ldap] 写给所有OpenLDAP不能正常启动的人 [复制链接]

论坛徽章:
0
发表于 2005-06-07 09:34 |显示全部楼层

写给所有OpenLDAP不能正常启动的人

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
ucdata-path        e:/openldap/ucdata
#include                e:/openldap/etc/schema/corba.schema
include                e:/openldap/etc/schema/core.schema
include                e:/openldap/etc/schema/myschema.schema
#include                e:/openldap/etc/schema/cosine.schema
#include                e:/openldap/etc/schema/inetorgperson.schema
#include                e:/openldap/etc/schema/java.schema
#include                e:/openldap/etc/schema/misc.schema
#include                e:/openldap/etc/schema/nis.schema
#include                e:/openldap/etc/schema/openldap.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral        ldap://root.openldap.org

sizelimit 5000
threads 8
idletimeout 14400
cachesize 10000
checkpoint 256 15

pidfile                e:/openldap/var/slapd.pid
argsfile        e:/openldap/var/slapd.args

# Load dynamic backend modules:
# modulepath        e:/openldap/libexec/openldap
# moduleload        back_bdb.la
# moduleload        back_ldap.la
# moduleload        back_ldbm.la
# moduleload        back_passwd.la
# moduleload        back_shell.la

# Sample security restrictions
#        Require integrity protection (prevent hijacking)
#        Require 112-bit (3DES or better) encryption for updates
#        Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#        Root DSE: allow anyone to read it
#        Subschema (sub)entry DSE: allow anyone to read it
#        Other DSEs:
#                Allow self write access
#                Allow authenticated users read access
#                Allow anonymous users to authenticate
#        Directives needed to implement policy:
# access to dn.base="" by * read
access to dn.base="cn=manager,o=dtedu.org" by self write
# access to *
        by self write
#        by users read
        by anonymous auth
#
# if no access controls are present, the default policy is:
#        Allow read by all
#
# rootdn can always write!
loglevel -1
replogfile /var/log/ldap.log

#######################################################################
# ldbm database definitions
#######################################################################

database        bdb
suffix                "o=dtedu.org"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd( and slapd.conf(5) for details.
# Use of strong authentication encouraged.

rootdn                "cn=manager,o=dtedu.org"
rootpw                {SSHA}Gpuj9VmNOhzd1c5U84Hcdo1KR5/XPcnK
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory        e:/openldap/var/openldap-data
# Indices to maintain
index        objectClass        eq

论坛徽章:
0
发表于 2005-06-07 09:34 |显示全部楼层

写给所有OpenLDAP不能正常启动的人

谢谢

论坛徽章:
1
2015年辞旧岁徽章
日期:2015-03-03 16:54:15
发表于 2005-06-07 10:37 |显示全部楼层

写给所有OpenLDAP不能正常启动的人

[quote]原帖由 "zhaowx"]openldap 中没有 "db_recover" 和 "db_verify" 程序呀.[/quote 发表:

这些应该是linux下bdb的命令吧,感觉很多参数对windows下的openldap都不起作用
如果是在windows下重新编译openldap可以调整这些优化的参数

论坛徽章:
0
发表于 2005-06-07 12:56 |显示全部楼层

写给所有OpenLDAP不能正常启动的人

Where is your ldap data? do you have a "directory ..." directive in slapd.conf?

e:/openldap/var/openldap-data
OR
c:/openldap/var/openldap-data

论坛徽章:
0
发表于 2005-06-08 00:01 |显示全部楼层

写给所有OpenLDAP不能正常启动的人

If you use "database bdb", that means your database backend used is Berkeley DB (http://www.sleepycat.com), "db_recover" and "db_verify" are from the BDB package.

The LAST time I used Windows version of OpenLDAP 2.1.XX was 2 years ago, I used CYGWIN, that came with BDB version 3.X I think, and I compiled OpenLDAP 2.1.XX from source codes. Since them, I never used Windows based OpenLDAP anymore.

I would encourage you to give up Windows version of OpenLDAP, backup the LDAP data (slapcat), install Linux (RedHat Fedora Core 3 for example) and install/compile OpenLDAP 2.2.6 from source codes, then restore back the LDAP data (slapadd).

Gary

论坛徽章:
0
发表于 2005-06-08 17:45 |显示全部楼层

写给所有OpenLDAP不能正常启动的人

可是,LINUX下的LDAP存储中文有问题呀。

论坛徽章:
0
发表于 2005-06-08 20:16 |显示全部楼层

写给所有OpenLDAP不能正常启动的人

I am not an expert. If I am really correct (IIRC), OpenLDAP has language tags (RFC 2596) support since 2.0.X.

http://www.faqs.org/rfcs/rfc2596.html

http://www.openldap.org/software/roadmap.html

Google this text pattern for related posts in OpenLDAP mail list archives:

"language site:www.openldap.org"

Gary

论坛徽章:
0
发表于 2005-06-09 11:31 |显示全部楼层

写给所有OpenLDAP不能正常启动的人

谢谢 gary_tay88 。

论坛徽章:
0
发表于 2005-07-06 22:40 |显示全部楼层

写给所有OpenLDAP不能正常启动的人

我用/usr/local/openldap/libexec/slapd -d 256可以启动
但是用/usr/local/openldap/bin/ldappasswd时出错:
ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
        additional info: SASL(-13): user not found: no secret in database

why?

论坛徽章:
1
2015年辞旧岁徽章
日期:2015-03-03 16:54:15
发表于 2005-07-09 10:41 |显示全部楼层

写给所有OpenLDAP不能正常启动的人

ldapadd,ldapsearch的时候有没有同样的问题?
另外你用ldappasswd改密码的用户是不是当前用户?不是的话用-u 指定一下。
你的这个问题在google上出现的很多,可以看看这个:
http://www.openldap.org/lists/openldap-software/200308/msg00149.html
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP